Individuals and organizations typically seek to protect their computing resources from network attacks and other security threats. Many of these security threats will take the form of malicious emails, such as spear phishing emails. Spear phishing emails generally use specific knowledge of individuals and their organizations to trick victims into disclosing sensitive information or installing malware on their computers.
To protect their computing resources and users from the security threats, individuals and organizations may employ security software products that attempt to distinguish between benign events and malicious events. For example, the security software products may attempt to distinguish between benign emails and spear phishing emails. Unfortunately, traditional systems and methods for detecting spear phishing emails may suffer from several drawbacks. The traditional systems may strain labor and other resources of a security software product vendor because the traditional systems may operate upon a large number of manually-labeled emails. Accordingly, the instant disclosure identifies and addresses a need for additional and improved systems and methods for detecting security events.